How Important Is a Qualified Electronic Signature?
What goes into making a qualified electronic signature (QES), well, qualified? In an increasingly digital world of business, electronic signatures, and all of the security assurances that come with them, are critical.
In this article, we detail how QESs work, why they matter and how to introduce them into your organisation at scale with digital signing software.
- What Is A Qualified Electronic Signature (QES)?
- Is a Qualified Electronic Signature Legally Binding in the UK?
- What Requirements Do QESs Need To Meet?
- What Does A QES Look Like In Practice?
- How Does QES Encryption Work?
- Can QESs Be Used In An Email?
- How Do You ‘Verify’ A QES?
- How Do You Create A Qualified Electronic Signature?
- What Do You Need To Create A Qualified Electronic Signature?
- How Much Does QES Equipment Cost?
- When Would HR Need A Qualified Electronic Signature?
What Is A Qualified Electronic Signature (QES)?
A qualified electronic signature (QES) is a secure electronic signature that is legally equivalent to a handwritten signature. It is backed up by a unique certificate that proves its validity beyond a shadow of a doubt.
Using a QES, companies and institutions can prove their identity in electronic data transactions, e.g., legal transactions on the Internet, as well as part of other agreements.
Is a Qualified Electronic Signature Legally Binding in the UK?
In the UK, qualified electronic signatures are also considered compliant and legally binding. It is important to note, though, that electronic signatures are only as strong as the source that issues them.
Expanding out to the EU, as per Art. 25 (2) of the eIDAS Regulation, qualified electronic signatures apply to all member states.
What Requirements Do QESs Need To Meet?
The eIDAS Regulation has set out the following requirements for qualified electronic signatures:
- It is uniquely assigned to signers.
- It enables the signatory to be identified without any doubt.
- It is created using a qualified electronic signature creation device.
- It is designed in such a way that any subsequent change to the data in the signature can be detected.
- It is based on a qualified certificate for electronic signatures.
What Does A QES Look Like In Practice?
Qualified and advanced electronic signatures are identical on their face and from a technical perspective. That said, in the case of a QES, the identity of the signee is additionally guaranteed by the recognised certification service that issues the qualified signature.
So, while they may appear the same, a QES comes with an additional level of security.
How Does QES Encryption Work?
In practice, a qualified electronic signature involves the signee being assigned a private signature key with strong cryptographic protection. A signature created with this private key can only be read with the public key that uniquely matches it. The qualified certificate of the trust service provider ties this key pair to the person signing, confirming their identity.
Can QESs Be Used In An Email?
Essentially, a qualified electronic signature is equivalent to its handwritten counterpart. Anything you might sign physically, you could sign with a QES.
With that in mind, it also means that things like emails don’t fall under their umbrella, as you wouldn’t be able to physically sign an email, for instance.
Digital signatures, sometimes found in emails, are more comparable to a wax seal. They can prove whether an email was really sent by a specific sender or whether its contents were manipulated.
Certain systems are able to check the signature of an e-mail and the qualified signed documents in the email attachment for incoming emails.
How Do You ‘Verify’ A QES?
To check the validity of the qualified electronic signature, the recipient must trace who the document originated from and ensure that its content has not been changed. When a document is signed, the recipient receives the electronically signed document together with a public key.
The enclosed public key can be used to read the transmitted electronic signature. If the values of the sender’s private key and the public key match, the signed document has been transmitted unchanged.
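The signing and verification flow described in the two sections above, as an added example that is not code from Personio or from any signature product: a hypothetical trust service provider certifies a signer's public key, the signer signs a document, and the recipient checks both the certificate and the document. It assumes textbook RSA over SHA-256 with constructed demo keys built from public Mersenne primes so that it runs on the Python standard library alone; the names and the sample contract are invented.

```python
import hashlib

# Constructed demo keys: textbook RSA built from public Mersenne primes so the
# block runs on the standard library alone. Assumption for illustration only.
E = 65537

def make_key(a, b):
    """Return (n, d) for the primes 2**a - 1 and 2**b - 1."""
    p, q = 2**a - 1, 2**b - 1
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(data, n, d):
    """Signer: apply the private exponent d to the SHA-256 hash of the data."""
    return pow(digest(data), d, n)

def verify(data, sig, n):
    """Recipient: open the signature with the public key and compare hashes."""
    return pow(sig, E, n) == digest(data)

def cert_body(subject, public_n):
    return f"{subject}|{public_n:x}".encode()

def issue_certificate(subject, subject_n, tsp_n, tsp_d):
    """Provider signs the binding between an identity and a public key."""
    return {"subject": subject, "public_n": subject_n,
            "tsp_sig": sign(cert_body(subject, subject_n), tsp_n, tsp_d)}

def check_signed_document(doc, sig, cert, tsp_n):
    """Check the certificate against the provider key, then the document."""
    if not verify(cert_body(cert["subject"], cert["public_n"]), cert["tsp_sig"], tsp_n):
        return "certificate not vouched for by the provider"
    if not verify(doc, sig, cert["public_n"]):
        return "document changed or signed with another key"
    return "valid: signed by " + cert["subject"]

TSP_N, TSP_D = make_key(521, 607)          # hypothetical trust service provider
SIGNER_N, SIGNER_D = make_key(1279, 2203)  # hypothetical signer
CERT = issue_certificate("Alex Example", SIGNER_N, TSP_N, TSP_D)
CONTRACT = b"Employment contract: salary 50000 GBP"  # constructed sample
SIGNATURE = sign(CONTRACT, SIGNER_N, SIGNER_D)

if __name__ == "__main__":
    tampered = CONTRACT.replace(b"50000", b"90000")
    print(check_signed_document(CONTRACT, SIGNATURE, CERT, TSP_N))
    print(check_signed_document(tampered, SIGNATURE, CERT, TSP_N))
    print(check_signed_document(CONTRACT, SIGNATURE, dict(CERT, subject="Someone Else"), TSP_N))
```

The private exponents never leave the signing side; the recipient needs only the document, the signature, the certificate and the provider's public modulus.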
How Do You Create A Qualified Electronic Signature?
To create a qualified electronic signature, a signature card is required that is provided with a unique, forgery-proof electronic certificate. The certificate must be issued by a recognised certification service (Trust Service Provider) that covers the security requirements of the eIDAS Regulation.
The certification service generates a secure signature creation device that the trust service provider can control remotely. This prevents tampering with the qualified electronic signature, which could otherwise be carried out on readers and the like.
What Do You Need To Create A Qualified Electronic Signature?
To create a qualified electronic signature, the signature card of a certification provider (see above), a suitable card reader and digital signing software are required.
Here is an overview of the steps in the QES process:
Select a suitable certification service.
Organise the necessary hardware and software.
Software for qualified electronic signature
Add a digital signature to your document.
Identify yourself uniquely so that a qualified certificate can be issued.
According to the definition in the eIDAS Regulation, cloud-based signatures can also meet the requirements for a qualified signature. In this case, no signature card is required.
The certificates are stored on a server and the qualified electronic signature can be managed remotely by a qualified certification service on behalf of the signer.
How Much Does QES Equipment Cost?
For a card reader, signature card and certificate for a qualified electronic signature valid for three years, you normally pay between £100 and £130 (€120 and €160).
When Would HR Need A Qualified Electronic Signature?
For a busy HR team, you would likely need the help of a qualified electronic signature in some of the following cases:
- Acknowledgments of receipt
- Amendments and supplements to the employment contract with double written form clause
Although the qualified electronic signature is the most secure form of e-signature, it always requires personal identification when first implemented. Subsequently, two-factor authentication is required, for example, by means of a signature card.
The question of which type of signature is relevant for you must therefore be weighed up according to the legal requirements and the specific use case.
© 2023 Personio SE & Co. KG